Hello members, I am using 6.4.5 on an active passive pair of fortigate
firewalls. VPN is rock solid when primary is with higher HA device
priority. When I force failover to backup, then of course VPN
disconnects. When I connect back, I could ping acr...
Hello members, I was planning to use SSL Session ID for persistence as I
was not sure if inserting a http cookie will mess up with anything the
real servers might be inserting as well, but then I found this short
text at this link: https://docs.citri...
Hello forum members, Load balancing to https servers is bit new for me.
I have done in the past regular http load balancing. I was under the
impression that with certificates on the servers and incoming https
requests being sent to one or the other r...
Hello All, If we are managing switches over fortilink thru Fortigate,
are we still able to SSH / telnet into the switches to make some changes
like multicasting IGMP querier set up on the Switches? Thanks
Hi Members, I see few posts partially around this subject, but no real
solution arrived in there. We need to move a customer from Cisco
infrastructure to a cluster of two fortigates (active / passive) and 6
fortiswitches and they have an Exchange 201...
Okay, I have resolved this issue. The problem was not with Fortigate
setup, but I suspected that it has to be with how FGCP clustering
protocol shifts around the IPs on the interfaces, and thus resulting mac
address association with L2 switch upstrea...
Any chance there are two patch cables between unmanaged switch and the
firewall? If so, please ensure that the STP / spanning tree protocol is
enabled on the switch LAN ports of the firewall. I believe this should
be on by default, but at least one t...
I believe you can only set up VRRP to achieve some level of failover and
failback. The hardware and licensing needs to be identical for fortigate
HA clustering.
I ended up importing the PFX bundle in the firewall and setting up full
SSL offloading back to member servers. Without Certs, we cannot do SSL
offloading and without SSL offloading, we cannot do the HTTPs load
balancing and without HTTPs load balanci...
I was wrong. HTTP with 443 does not work and is not treated as https. My
needs are HTTPS load balancing with HTTP cookie insertion by fortigate
as I have no idea of how backend IIS session persistence works and even
if does work, the cookies inserted...